The Medusa Strategy to Defeat Iran and the Houthis

Please see my new article in The Times of Israel called "The Medusa Strategy to Defeat Iran and the Houthis."

Israel should consider employing a strategy mirroring Iran's use of proxy forces, extending beyond conventional military support to include infiltration and subversion within enemy territories. Iran has effectively leveraged groups like Hamas, Hezbollah, and various Iraqi and Syrian militias to exert influence and conduct operations near Israel's borders. Israel could adopt a similar approach, utilizing regional actors who share common adversaries, while also actively working to destabilize these threats from within.

(AI generated image via Cyberpunk Generator)

The Medusa Strategy to Defeat Iran and the Houthis

The Ticking Iran Time Bomb

Please see my new article in The Times of Israel called "The Ticking Iran Time Bomb."

In the end, we're dealing with a serious and determined Iranian adversary, along with their network of regional terrorist groups. Let's hope and pray that we have the strategic foresight to fully comprehend the multifaceted threat posed by Iran, both internally and externally, and that we take decisive action to implement the educational, political, and military solutions to neutralize the most dangerous global threat we face.

(Credit Photo: Safwat Sayed via https://www.flickr.com/photos/77068017@N07/6925502641)

The Ticking Iran Time Bomb

The "Real" OPM Data Breach

A lot has been made and should be made of the theft of over 21 million federal employees' sensitive personnel records and security clearances. 

Everyone rightly, although somewhat selfishly, is worried about identity theft and the compromised privacy of their information.

The government is worried about hostile nation states using the pilfered information to bribe or coerce military, intelligence, high-level politicals, and others to turn and work for them or otherwise to use against them. 

But what is grossly missing in this discussion is not what information presumably the Chinese stole and how they will use it against us, but rather what information they inserted, altered, or otherwise compromised into the OPM personnel and security databases when they got root access to it.

Imagine for a moment what could hostile nations or terrorists can do to this crown jewel database of personnel and security information:

- They could insert phony records for spies, moles, or other dangerous persons into the database--voila, these people are now "federal employees" and perhaps with stellar performance records and high level security clearances able to penetrate the depths of the federal government with impunity or even as superstars!

- They could alter personnel or security records taking prominent or good government employees and sabotaging them to have questionable histories, contacts, financial, drug or criminal problems and thereby frame or take-down key government figures or divert attention from the real bad guys out there and tie our homeland security and law enforcement establishment in knots chasing after phony leads and false wrongdoers and villains.

Given that the timeline of the hack of OPM goes back to March and December 2014, this was more than enough time for our adversary to not only do to our data what they want, but also for the backup tapes to be affected by the corrupt data entering the system. 

The damage done to U.S. national security is unimaginable. As is typically the case with these things, "An ounce of prevention is worth a pound of cure." Instead of investing in security, now we can invest in "credit monitoring and identity theft protection" for a very sparse three years, while federal employees will go a lifetime in information jeopardy, and the federal government will be literally chasing its tail on personnel security for decades to come. 

With the price so low to our adversaries in attacking our systems, it truly is like stealing and much more. ;-)

(Source Photo: Andy Blumenthal)

The "Real" OPM Data Breach

Insuring Against Cyber Attacks

More and more, our technology is at risk of a cyber attack. 

In fact, just today the Wall Street Journal reported that Iran has hacked into the Navy's unclassified network. 

While we can fix the computers that were attacked, the damage done in terms of data exfiltration and malware infiltration is another matter.

To fix the computers, we can wipe them, swap out the drives, or actually replace the whole system. 

But the security breaches still often impose lasting damage, since you can't get the lost data or privacy information back or as they say "put the genie back in the bottle."

Also, you aren't always aware of hidden malware that can lie dormant, like a trojan horse, nor can you immediately contain the damage of a spreading computer virus, such as a zero-day attack. 

According to Federal Times, on top of more traditional IT security precautions (firewalls, antivirus, network scanning tools, security settings, etc.), many organizations are taking out cybersecurity insurance policies.

With insurance coverage, you transfer the risk of cybersecurity penetrations to cover the costs of compromised data and provide for things like "breach notification to victims, legal costs and forensics, and investigative costs to remedy the breach."

Unfortunately, because there is little actuarial data for calculating risks, catastrophic events such as "cyber espionage and attacks against SCADA industrial controls systems are usually not covered. 

DHS has a section on their website that promotes cybersecurity insurance where they state that the Department of Commerce views cybersecurity insurance as an "effective, market-driven way of increasing cybersecurity," because it promotes preventive measures and best practices in order to lower insurance premiums and limits company losses from an attack. 

Moreover, according to the DHS Cybersecurity Insurance Workshop Readout Report (November 2012) cybersecurity insurance or risk transfer is the fourth leg of a comprehensive risk management framework that starts with risk acceptance, risk mitigation, and risk avoidance. 

I really like the idea of cybersecurity insurance to help protect organizations from the impact of cybersecurity attacks and for promoting sound cybersecurity practices to begin with.  

With cyber attacks, like with other catastrophes (fire, flood, accident, illness, and so on), we will never be able to fully eliminate the risks, but we can prepare ourselves by taking out insurance to help cover the costs of reconstituting and recovery. 

Buying insurance for cybersecurity is not capitulating our security, but rather adding one more layer of constructive defense. ;-)

(Source Photo: Andy Blumenthal)

Insuring Against Cyber Attacks